News Brief
Disinformation

UK Disinformation Researcher Hacked by Russia

A Russian cyber-attack allegedly knocked a London-based organization tasked with fighting disinformation offline in the latest cyber-strike between Western countries and the Kremlin.

British government sources say Russian military intelligence, the GRU, is likely behind the hack of the Institute for Statecraft in retaliation for Britain’s implication of the GRU in the Salisbury poisoning. If confirmed, this would be Russia’s first “hack-and-leak” operation in the UK.

Founded in 2009 and partially sustained by UK-government funds, the Institute worked to combat disinformation by “bringing together groups of experts to analyse and discuss the problems posted by Russian disinformation,” said Sir Alan Duncan, Britain’s Europe Minister.

The organization says its website data was stolen, forcing the organization to temporarily reduce their site to a landing page explaining that an investigation was ongoing and asking for tips regarding the attack.

The U.S. recently carried out its first acknowledged offensive cyber attack against Russia. In November, the Pentagon successfully shut off internet access at a Russian troll farm during America’s midterm elections. U.S. officials credited the attack with safe-guarding the poll.

The attack on the British Institute reaped different rewards — plenty of fodder for Russian state media. It was the Russian state newswire Sputnik which first broke the story of the hack in November, attributing the online information leak to a group calling itself Anonymous (though there is no evidence that this group is affiliated with the international network of hackers with the same name).

In a slow drip-feed of media reports, Russian state television broadcast stories of British plots against Russia with sensational headlines about the Institute.

“Meddling Playbook: UK runs covert network to ‘counter Russia,’” read one headline on the state-run RT Network.

Some of the other information stolen from the Institute and posted online included the names, addresses and banking information of 12 staff people.